Address: office 1410a, 17 Naberezhnaya Severnoy Dviny, Arkhangelsk, 163002, Russian Federation, Northern (Arctic) Federal University named after M.V. Lomonosov

Phone: (818-2) 21-61-21
E-mail: vestnik_est@narfu.ru
http://aer.narfu.ru/en/

ABOUT

Algorithm for Development of Information Protection System. Pp. 139–146.

Версия для печати

Section: Physics. Mathematics. Informatics

UDC

004.56

Authors

Bederdinova Oksana Ivanovna, Institute of Shipbuilding and Arctic Marine Engineering, Severodvinsk Branch of Northern (Arctic) Federal University named after M.V. Lomonosov (Severodvinsk, Russia)

Koryakovskaya Natalya Vladimirovna, Institute of Energy and Transport, Northern (Arctic) Federal University named after M.V. Lomonosov (Arkhangelsk, Russia)

Abstract

An algorithm for development of corporate information protection system was created on the basis of the analysis of regulatory requirements and documents of the RF and taking into consideration the systems approach. The algorithm can be used to create information security policy providing the required level of security for corporate objects of informatization.

Keywords

confidential information, information resources, objects of informatization, information security policy, information protection system.

The full-text version of the article can be requested through the university’s library.

References

  1. GOST R 51583-2000. Zashchita informatsii. Poryadok sozdaniya avtomatizirovannykh sistem v zashchishchennom ispolnenii. Obshchie polozheniya [Russian State Standard 51583–2000. Information Security. Protective Automated Systems. General Provisions]. Moscow, 2000.
  2. ISO/IEC 17799:2005. Information Technology - Security Techniques - Code of Practice for Information Security Management. 2005 (Russ ed.: ISO/MEK 17799-2005 “Informatsionnaya tekhnologiya. Prakticheskie pravila upravleniya informatsionnoy bezopasnost’yu”. Moscow, 2006.
  3. ISO/IEC 27001:2005 – Information technology – Security Techniques – Information Security Management Systems – Requirements (Russ. ed.: ISO/MEK 27001-2006 “Informatsionnaya tekhnologiya. Metody i sredstva obespecheniya bezopasnosti. Sistemy menedzhmenta informatsionnoy bezopasnosti. Trebovaniya”. Moscow, 2008.
  4. The Procedure of Classification of Personal Data Information Systems, Approved by Order of FSTEC of Russia, Federal Security Service and the Ministry of Communications of Russia on 13 February 2008, no. 55/86/20. Moscow, 2008. (in Russian).
  5. RD Gostekhkomissii Rossii. Avtomatizirovannye sistemy. Zashchita ot NSD. Klassifikatsiya avtomatizirovannykh sistem i trebovaniya po zashchite informatsii [Guidance Document of the Russian State Technical Commission. Automated Systems. Protection from Unauthorized Access. Automated Systems Classification and Requirements for Information Security]. Moscow, 1992.
  6. RD Gostekhkomissii Rossii. Spetsial’nye trebovaniya i rekomendatsii po tekhnicheskoy zashchite konfidentsial’noy informatsii (STR-K) [Guidance Document of the Russian State Technical Commission. Special Requirements and Recommendations for Technical Protection of Confidential Data (SRR-C)]. Moscow, 2001.